Wednesday, September 14, 2016

In this post, I will explain how to use Email OTP two authenticator through WSO2 Identity server. In this demonstration, I am using SMTP mail transport which was used to send the OTP code via email at the time authentication happens.

Add the authenticator configuration <IS_HOME>/repository/conf/identity/application-authentication.xml file under the <AuthenticatorConfigs> section.

Add the email template in the <IS_HOME>/repository/conf/email/email-admin-config.xml file.

<configuration type="EmailOTP">

<targetEpr></targetEpr>

<subject>WSO2 IS EmailOTP Authenticator One Time Password</subject>

<body>

Hi,

Please use this OTP {OTPCode} to go with EmailOTP authenticator.

</body>

<footer>

Best Regards,

WSO2 Identity Server Team

http://www.wso2.com

</footer>

<redirectPath></redirectPath>

</configuration>

When
authentication is happening in second step, the code will be sent to
email which is saved in email claim of user's user profile.If the user apply the code, WSO2 IS will validate the code and let the user sign in accordingly.

In this post, I will explain how to use SMS OTP multifactor authenticator through WSO2 Identity server. In this demonstration, I am using Twilio SMS Provider which was used to send the OTP code via SMS at the time authentication happens.

SMS OTP Authentication Flow

The SMS OTP authenticator of WSO2 Identity Server allows to authenticate the system using multifactor authentication. This authenticator authenticates with user name and password as a first step, then sending the one time password to the mobile via SMS as a second step. WSO2 IS will validate the code and let the user sign in accordinglyAdd the authenticator configuration <IS_HOME>/repository/conf/identity/application-authentication.xml file under the <AuthenticatorConfigs> section.

Configure the Service Provider and Identity Provider Configuration as we normally configure for Two factor authentication. Now we will configure SMS OTP Identity provider for Twilio specific SMS Provider.

Go to ​ https://www.twilio.com/try­twilio​ and create a twilio account.While registering the account, verify your mobile number and click on console homehttps://www.twilio.com/console​ to get free credits (Account SID and Auth Token).

Twilio uses a POST method with headers and the text message and phone number are sent asthe payload. So the fields would be as follows.

You can go to SMS OTP Identity Provider and configure to send the SMS using Twilio SMS Provider.

Twilio SMS Provider Config

When authentication is happening in second step, the code will be sent to mobile no which is saved in mobile claim of user's user profile.If the user apply the code, WSO2 IS will validate the code and let the user sign in accordingly.

Monday, April 4, 2016

In this post, I am going to explain about Kafka connector and Kafka inbound endpoint performance with WSO2 ESB 4.9 and how to tune the performance for producer and consumer use cases. The performance test of Kafka inbound endpoint and Kafka connector was carried out on below machine configuration:Performance Test Environment :OS: Ubuntu 64-bitMemory: 16GiBProcessor: Intel Core i7-4800MQ CPU 2.70GHzx8ESB Kafka ConnectorWSO2 ESB Kafka connector allows you to send the data to Kafka message broker.

Threads

Messages per a Thread

No of Messages

A Message Size(byte)

Throughput (/s)

10

100

1,000

106

831

10

500

5,000

106

1590

20

500

10,000

106

2251

100

250

25,000

106

2940

1,000

1500

1,500,000

106

2780

Average Throughput(/s) - 2767You can get highest throughput with default ESB configuration.ESB Kafka Inbound EndpointWSO2 ESB Kafka Inbound endpoint allows you to consume the data from Kafka message broker. https://docs.wso2.com/display/ESB490/Working+with+Inbound+EndpointsAbove document includes inbound endpoint common parameters and how to change them for best performance. Even though I provide some recommended values with the performance tuning stats.You can tune the Kafka inbound endpoint performance by changing the inbound thread pool values. The values can be changed in the location.<ESB_HOME>/repository/conf/synapse.properties fileOn Sequential ModeThe following performance stat is measured with default inbound thread pool values and sequential mode.

We have gone through the performance test with default inbound thread pool.Average Throughput(/s) - 135Now we have increased the thread pool values and gone through the performance test.inbound.threads.core = 200inbound.threads.max = 1000

Threads

Messages per a Thread

No of Messages

A Message Size(byte)

Throughput (/s)

100

100

10,000

106

769

1000

1000

1,000,000

106

800

We can get the throughput around 800 with above thread pool values.Average Throughput(/s) - 799Now we have increased the inbound thread pool values further. The performance is measured with below inbound thread pool values and non sequential mode. The throughput is 711. There is no significant improvement compared with previous throughput.inbound.threads.core = 500inbound.threads.max = 2000

Threads

Messages per a Thread

No of Messages

A Message Size(byte)

Throughput (/s)

100

100

10,000

106

757

1,000

1000

1,000,000

106

710

Average Throughput(/s) - 711

You
can configure the inbound common parameters according to this
performance stats and see massive performance improvements with the
inbound thread pool. To get highest performance, I recommend you to use the following inbound thread pool values with non sequential mode.inbound.threads.core = 200inbound.threads.max = 1000